How To Write A Type System For A Linear Logic (For A Linear Type System)

Transcription

1 The Least Must Speak with the Greatest J. Garrett Morris, Sam Lindley, and Philip Wadler The University of Edinburgh Abstract. We extend a propositions-as-types correspondence between linear logic and session types to include recursive sessions. Our extension takes least and greatest fixed points as dual, an idea well-known to theorists, but which has not previously appeared in the treatment of recursive sessions. We preserve the freedom from races, deadlock, and livelock that is a hallmark of the propositions-as-types approach, and avoid a problem with preservation of duality that appears in the standard treatment of recursive session types. We treat two systems, one based on classical linear logic, derived from work of Caires and Pfenning and of Wadler, and one based on a linear functional language, derived from work of Gay and Vasconcelos. Our treatment of recursion is inspired by Baelde. 1 Introduction Previous work on session types suffers from a mismatch. Session types capture communication protocols. The two ends of a channel must be dual, which ensures that when one end of a channel performs output the other performs input, and when one end offers a choice of actions the other selects from these alternatives. Session types are of limited use without recursion, which permits defining sessions of arbitrary size. Recursion traditionally comes in two dual forms, least fixed point and greatest fixed point. However, in previous work on session types recursion is introduced in such a way that both ends of a channel are treated as least fixed points, a mismatch with the treatment of the other connectives. Here, we introduce a notion of recursion for session types that restores the traditional notion that least fixed points are dual to greatest fixed points. Honda (1993) introduced session types as a type system for process calculi, and Gay and Vasconcelos (2010) reformulated session types in the context of a functional language with linear types. Caires and Pfenning (2010) uncovered a propositions-as-types correspondence between session types and intuitionistic linear logic, and Wadler (2012) adapted the correspondence to classical linear logic. Wadler defines two systems, a process calculus CP (inspired by Caires and Pfenning) and a linear functional language GV (inspired by Gay and Vasconcelos), and presents a type-preserving translation from GV to CP. Subsequently, Lindley and Morris (2014) extended GV to support translation in the other direction, giving type-preserving translations not only from GV to CP but also from CP to GV. A hallmark of the propositions-as-types approach is that it yields systems guaranteed free of races and deadlock; both CP and GV benefit from these properties. Toninho et al. (2013, 2014) also treat recursion in systems inspired by a propositions-as-types correspondence, but they have no notion of duality for least and greatest fixed points.

2 There is much previous work that supports recursive session types, starting with Honda et al. (1998), and including Yoshida and Vasconcelos (2007) and Demangeon and Honda (2011), all of which suffer from the mismatch mentioned above. Here, drawing on work of Baelde (2012), we extend both CP and GV with recursive session types, taking least and greatest fixed points as duals. We show that the type-preserving translations extend to the new systems, and that the new systems are still guaranteed free of races, deadlock, and livelock. Bono and Padovani (2012) and Bernardi and Hennessy (2013) independently observed that the standard treatment of recursive session types fails to preserve duality in the case that the recursive variable appears within a carried type. Their solution relies on an unusual form of substitution that applies only to the carried types within a session type, while ours avoids the problem while using only standard forms of substitution. This paper makes the following contributions. Section 2 extends GV to support recursion, yielding µgv; and demonstrates its power with a series of examples of streams and a calculator. In µgv, unlike in previous session type systems, least fixed points are dual to greatest fixed points and duality is preserved in all cases. Section 3 extends CP to support recursion, yielding µcp, and presents a translation of some of the same examples. We show µcp is guaranteed free of races, deadlock, and livelock. Section 4 presents type-preserving translations from µgv into µcp and inversely. The translation guarantees that GV also is free of races, deadlock, and livelock. As a technical aid, we also present a type-preserving translation from µgv into a subset of itself, similar to one in Lindley and Morris (2014), showing how function and product types can be represented by session types. Section 5 surveys related work and Section 6 concludes. 2 A Session-Typed Functional Language In this section, we present µgv, a simple functional language with session types patterned on the language of Gay and Vasconcelos (2010) (which we call LAST) and Wadler s language GV. Throughout the paper we highlight the novel parts of µgv and µcp by shading them in gray. 2.1 Types Types in µgv are given by the following grammar: Types T, U, V ::= S T U T U T U Session Types S ::=!T.S?T.S end! end? {l i : S i} i {l i : S i} i S S X X µg νg Type Operators G ::= X.S The types comprise session types, linear pairs (T U ), and both linear (T U ) and unlimited (T U ) functions. Session types include input (?T.S), output

3 (!T.S), selection ( {l i : S i } i ), choice ( {l i : S i } i ), and closed channels (end? and end! ). There are two variations on the closed channel (end? ) and (end! ); these arise from our interpretation of session types in classical linear logic, where there is no self-dual proposition corresponding to closed channels. We include a notion of replicated sessions, corresponding to exponentials in linear logic: a channel of type S is a service, offering any number of channels of type S; a channel of type S is the server providing such channels. For simplicity, we omit polymorphism as it is an orthogonal concern. We include session variables (X ) and their duals (X ), and types corresponding to bounded recursion (µx.s) and unbounded corecursion (νx.s). If G is an operator X.S, then G(S ) denotes the standard capture-avoiding substitution of S for X in S, which we write as S[S /X ]. Each type T is either linear (lin(t )) or unlimited (un(t )). All types are linear except unlimited functions T U, replicated channels S, and closed input channels end?. We extend the standard notion of duality to recursive and corecursive session types:!t.s =?T.S?T.S =!T.S end? = end! end! = end? {l i : S i} i = {l i : S i} i {l i : S i} i = {l i : S i} i S = S S = S µg = νg νg = µg where X = X and we define the dual of an operator G = X.S as G = X.G(X ). Observe that G(S) = G(S). Unlike many notions of duality for session types, our definition preserves duality when recursive session types are unrolled, even when the recursion occurs in the carried types. For example, consider the operator G = X.?X.end?, its dual G = X.!X.end!, and the dual session types µg and νg. Unrolling µg yields G(µG) =?µg.end? ; unrolling νg yields G(νG) =!νg.end! =!µg.end!, which is the dual of?µg.end?. To ensure that fixed points exist, we require that all operators X.S be monotonic, that is, X may appear only in positive subformulas of S. Thus, the operator X.!X.end! is not monotonic, but the operator X.!(X end! ).end! is. Formally, X.S is monotonic iff the predicate pos X,S holds, where pos and neg are defined by the homomorphic extensions of the following equations: pos X,X = true pos X,X = false pos X,!T.S = neg X,T pos X,S pos X,T U = neg X,T pos X,U pos X,T U = neg X,T pos X,U neg X,X = false neg X,X = true neg X,!T.S = pos X,T neg X,S neg X,T U = pos X,T neg X,U neg X,T U = pos X,T neg X,U 2.2 Typing Rules We let Φ range over type environments. The judgement Φ M : T states that term M has type T in type environment Φ. Figure 1 gives the typing rules of µgv. The structural rules account for variables, and for weakening and contraction of unlimited types. The rules for the functional terms are standard; note that, to account for linearity, the context is split in the rules for application and pair introduction and elimination, and is restricted to unlimited types in the introduction of unlimited arrows.

4 Structural Rules un(t U ) un( S) un(end? ) x : T x : T Lambda Rules Φ M : U un(t ) Φ, x : T M : U Φ, x : T, x : T M : U un(t ) Φ, x : T M [x/x ] : U Φ, x : T M : U Φ λx.m : T U Φ M : T U Φ, Ψ M N : U Ψ N : T Φ M : T U Φ M : T U un(φ) Φ M : T U Φ M : T U Session Rules Φ M : T Ψ N : U Φ, Ψ (M, N ) : T U Φ M : T U Ψ, x : T, y : U N : V Φ, Ψ let (x, y) = M in N : V Φ M : S Ψ N : S Φ M : T Ψ N :!T.S Φ, Ψ link M N : end! Φ, Ψ send M N : S Φ M :?T.S Φ receive M : T S Φ, x : S M : end! Φ fork x.m : S Φ M : {l i : S i } i Φ M : {l i : S i } i Ψ, x : S i N i : T Φ select l i M : S i Φ, Ψ case M {l i x.n i } i : T Φ M : S Φ request M : S Φ M : µg Φ M : G(µG) Φ, x : S M : end! un(φ) Φ serve x.m : S f : X T end!, c : G(X ), x : T M : end! cofix f c x = M : νg T end! Admissible Session Rules Φ M : G(µG) Φ M : µg Φ M : νg Φ M : G(νG) Φ M : G(νG) Φ M : νg Fig. 1: Typing Rules for µgv The typing of input, output, choice and selection are those of Gay and Vasconcelos (2010). Following our earlier work (Lindley and Morris, 2014), the term link M N implements channel forwarding. The fork construct provides session initiation. The rule for serve x.m parallels that for fork: it defines a server which replicates M, and returns the channel by which it may be used (of type S = S). The novelty of µgv is in its recursive and corecursive channels; we attempt to remain close to existing presentations of recursive session types (Honda et al., 1998). The construct cofix f c x = M is used to define corecursive sessions. We provide for the rolling and unrolling of fixed points µg and νg, implementing the equivalences among equirecursive types. As we observe in Section 4.3, only the first of these coercion rules is essential. The remaining rules are admissible, albeit at the cost of introducing additional computation. The remainder of the section presents several examples illustrating the use of cofix. In addition, we have implemented a prototype of µgv plus various extensions, and we have implemented many examples, including all of those of Toninho et al. (2013). All of the code is available at the following URL:

5 2.3 Streams We will write letx = M inn for (λx.m )N and assume an extension of µgv with a type of naturals (Nat), literals (0, 1,... ), addition (+), and multiplication ( ). A canonical example of a corecursive data type is a stream. Let us consider a session type for producing a stream of naturals. Source = νx. {next :!Nat.X, stop : end! } A channel of type Source can either produce the next number or stop. The dual of a source is a sink. Sink = µx. {next :?Nat.X, stop : end? } Using cofix we can define a function that sends a stream of zeros along a corecursive channel: Zeros : Source end! Zeros = cofix f c = case c {next c.let c = send 0 c in f c; stop c.c} If the next number is chosen, then a zero is sent along the channel and we recurse. Otherwise we stop. We define a helper macro to read the next value from a stream: and now: GetNext : Sink Nat Sink GetNext c = receive (select next c) let c = fork c.zeros c in let (x, c) = GetNext c in let (y, c) = GetNext c in let (z, c) = GetNext c in let c = select stop c in (x, (y, z)) begins by forking a stream of zeros, and then reads from the corresponding sink several times, returning (0, (0, 0)). Productivity. We might expect to assign c the type {next :!Nat.Source, stop : end! } and f the type Source end! in the body of Zeros, but then productivity would not be assured and deadlock would be possible. For example, under those typing assumptions, the following would also be well-typed: cofix f c = f c We restrict the typing rule for cofix in order to guarantee productivity. We use a fresh type variable X to abstract the recursive behavior, so the channel c has type G(X ) (in our example {next :!Nat.X, stop : end! }) instead of G(νG), and f has type X end! instead of νg end!. The body of cofix is thus required to provide exactly one step of the corecursive behavior.

6 Coinvariants. We allow recursive sessions to maintain internal state (a coinvariant). In the cofix typing rule this is captured by the additional arguments x. For example, we can construct a stream of consecutive naturals: Nats : Source end! Nats = cofix nats c x = case c {next c. let c = send x c in nats c (x + 1) stop c. c} The variable x tracks the next value to send to the stream, and is accordingly incremented in the recursive call. Now, the following: let c = fork c.nats c 0 1 in let (x, c) = GetNext c in let (y, c) = GetNext c in let (z, c) = GetNext c in let c = select stop c in (x, (y, z)) returns (0, (1, 2)). We can maintain coinvariants of arbitrary complexity; for example, we can define a stream of the Fibonacci numbers as follows: Fibs : Source end! Fibs = cofix fibs c m n = case c {next c.let c = send m c in fibs c n (m + n) stop c. c} 2.4 Multi-function Calculator We now define a basic multi-function calculator. We aim to implement a process that accepts a stream of addition and multiplication requests, and can at any time provide the accumulated result: Calc = νx. {add :?Nat.X, mul :?Nat.X, result :!Nat.X, stop : end! }. We implement a provider of calculator functionality as follows: MakeCalc : Calc Nat end! MakeCalc = cofix calc c accum = case c of {add c. let (x, c) = receive c in calc c (accum + x) mul c. let (x, c) = receive c in calc c (accum x) result c. let c = send accum c in calc c accum stop c. c} Here is an example of using a calculator: let c = fork c.makecalc c 0 in let c = send 6 (select add c) in let c = send 7 (select mul c) in let (x, c) = receive (select result c) in let c = select stop c in x We begin by constructing an instance of the calculator with the accumulator starting at 0. We perform several calculations, adding 6 to the accumulator and multiplying by 7. Finally, we obtain the result (42) and close the channel.

7 P Γ, y : A Q, y : A x w x : A, w : A new y (P Q) Γ, x[].0 x : 1 P Γ, y : A, x : B x(y).p Γ, x : A B P Γ, y : A Q, x : B x[y].(p Q) Γ,, x : A B P Γ x().p Γ, x : P Γ, x : A i P Γ, x : A Q Γ, x : B x[in i].p Γ, x : A 1 A 2 case x {P; Q} Γ, x : A B case x {} Γ, x : P Γ P Γ, x :?A P y : A,?Γ!x(y).P Γ, x :!A P y : A, Γ?x[y].P Γ, x :?A P Γ, x : F (µf ) rec x.p Γ, x : µf P x :?A, x :?A, Γ P[x/x ] Γ, x :?A P Γ, y : A Q y : A, x : F (A) corec F x y (P, Q) Γ, x : νf Fig. 2: Typing Rules for µcp 3 A Linear Logic-Based Process Calculus The types of µcp are the propositions of classical linear logic, extended with type operators F and fixed points µf, νf. Types A, B ::= A B A B 1 A B A B 0?A!A X X µf νf Type Operators F ::= X.A If F = X.A, define F (B) = A[B/X ]. The standard notion of classical linear logic duality is extended to fixed points in the expected fashion: (A B) = A B 1 = (A B) = A B = 1 (!A) =?A (?A) =!A (A B) = A B = 0 (A B) = A B 0 = (νf ) = µf (µf ) = νf where X = X, and we define the dual of a type operator by F = X.(F (X )). Similarly to µgv, (F (A)) = F (A ). We let Γ, range over type environments. The judgement P Γ states that process P uses channels Γ. Typing rules for µcp terms are given in Fig. 2. We write fv(p) for the free variables used in process P; in the typing rules, new bound variables are designated y. Structural Rules. µcp has two structural rules, axiom and cut. We interpret the axiom x w as channel forwarding: actions on channel x are mirrored on w, and vice versa. Thus, x and w must have dual type. Cut new y (P Q) is interpreted as communication between processes P and Q on channel y; the duality of the typing of y assures that its uses in P and Q are compatible. We identify µcp up to structural equivalence: x w w x new y (P Q) new y (Q P) new y (P new z (Q R)) new z (new y (P Q) R), if y fv(r)

8 Input and Output. The multiplicative connectives and are interpreted as input and output. The process x(y).p inputs channel y on channel x, and continues as P. The process x[y].(p Q) is interpreted as bound output: it sends a fresh variable y along x, spawns a process P in which y is used, and continues as process Q in which x is used. It amounts to the π-calculus term (νy)x(y).(p Q). We write x[y].p as syntactic sugar for x[y ].(y y P). The units of and, and 1, are interpreted as nullary input and nullary output, respectively. Selection and Choice. The additive connectives and are interpreted as selection and choice. The process case x {P 1 ; P 2 } offers a choice of processes P 1 and P 2 ; dually, the process x[in i ].P i chooses the i-th alternative. The unit for choice is 0, indicating absurdity. Note that there is no term proving 0. The dual of absurdity is, and provides arbitrary behavior; as there is no term proving 0, no term relying on can reduce. Replication and Dereliction. The exponential connectives! and? in linear logic provide restricted access to the classical rules of weakening and contraction. We interpret them as serving (!) and requesting (?) replicated processes. For a server channel of type!a, the process P proving A may be replicated arbitrarily, so each channel that P uses must be replicable as well. We write?γ to assert that all types in Γ be of the form?b. As well as the introduction rule for a request channel of type?a, there are also implicit rules for weakening and contraction. Recursion and Corecursion. We introduce least fixed points µf and greatest fixed points νf to CP, following Baelde s (2012) proof theoretic treatment of fixed points in linear logic. The proof rules can be understood from traditional two-sided rules for least and greatest fixed points, combined with the duality between the fixed points. We begin with a two-sided presentation: F (A) A Γ, A B Γ, µf B Γ F (µf ) Γ µf Γ, F (νf ) B Γ, νf B A F (A) Γ A Γ νf Functional programmers may recognize the first as the rule for a fold, and the fourth as the rule for an unfold. We adapt the above rules to a one sided presentation as follows. (As Γ denotes any context, we write Γ instead of Γ ). F (A ), A Γ, A, B Γ, νf, B Γ, F (µf ) Γ, µf Γ, F (µf ), B Γ, µf, B A, F (A) Γ, A Γ, νf However, now we can observe that Γ, B is itself an instance of a context, and F a type operator, and so the top-right rule is just an instance of the bottom-left rule, and the top-left rule is just an instance of the bottom-right rule. The bottom two

9 new x (w x P) = P[w/x] new x (x[y].(p Q) x(y).r) = new y (Q new x (P R)) new x (x[].0 x().p) Γ = P new x (x[in i].p case x {Q 1; Q 2}) = new x (P Q i) new x (!x(y).p?x[y].q) = new y (P Q) new y (!x(y).p Q) = Q, x / fv(q) new x (!x(y).p Q[x/x ]) = new x (!x(y).p new x (!x (y).p Q)) new x (corec F x y (P, Q) rec x.r) = new y (P new x (Q new x (Q R[x /x]))) where Q = map F x,x (corecf x y (x y, Q[x /x])) Fig. 3: Principal Cut Elimination Rules map X.C x,y (P) = x y, if X is not free in C map X.X x,y (P) = P map X.C 1 C 2 x,y (P) = x(x ).y[y ].(map X.C 1 x,y (P[x /x, y /y]) map X.C 2 x,y (P)) map X.C 1 C 2 x,y (P) = case x {y[in 1].map X.C 1 x,y (P); y[in 2].map X.C 2 x,y (P)} map X.?C x,y (P) =!x(x ).?y[y ].P[x /x, y /y] map X.µF x,y (P) = corec F x y (y y, rec y.map X.F (µf ) x,y (P[y /y])) Fig. 4: Definition of map for Positive Combinators rules are the typing rules for the µcp terms rec x.p and corec F x y (P, Q). We will often omit the F annotation. As in µgv, corec terms maintain a coinvariant y, of type A. The coinvariant can be seen as being sent from P to Q; thus, its type is dual in P and Q. As carried types are not dual in µgv, no corresponding duality appears in the typing rule for cofix. 3.1 Cut Elimination Cut elimination corresponds to synchronous process reduction. The principal cut reductions are given in Fig. 3. The majority of these are standard; for instance, cut reduction of against corresponds to picking one of the offered alternatives. Cut reduction for fixed points corresponds to unrolling one iteration from the corec term, directed by the type of the fixed point operator F. It depends on a proof construction known as functoriality, which derives the following proof rule for any type operator F : A, B F (A), F (B) We call the term implementing this construction map by analogy with a similar construct in functional programming. The positive cases of map are given in Fig. 4; the remaining cases are obtained by exchanging channels x and y. Lemma 1. If P x : A, y : B then map F x,y(p) x : F (A), y : F (B). The commuting conversions push communication under process prefixes, and are given in Fig. 5. The standard meta theoretic properties of classical linear

10 new z (x[y].(p Q) R) = x[y].(new z (P R) Q), if z fv(q) new z (x[y].(p Q) R) = x[y].(p new z (Q R)), if z fv(p) new z (x(y).p Q) = x(y).new z (P Q) new z (x[in i].p Q) = x[in i].new z (P Q) new z (case x {P; Q} R) = case x {new z (P R); new z (Q R)} new z (?x[y].p Q) =?x[y].new z (P Q) new z (!x(y).p Q) =!x(y).new z (P Q) new z (rec x.p Q) = rec x.new z (P Q) new z (corec x y (P, Q) R) = corec x y (new z (P R), Q) Fig. 5: Commuting Conversions logic with fixed points apply directly to µcp. Therefore deadlock and livelock freedom follow directly from cut elimination, and race freedom follows directly from confluence. 3.2 Streams As we did for µgv, we assume that our language is extended with constants implementing unlimited natural numbers (we could implement Nat within µcp, but choose not to due to lack of space). In particular, assume there exists a proposition Nat, such that Nat is subject to contraction and weakening, and terms: Zero x x : Nat Inc y,x y : Nat, x : Nat We can now use fixed points in µcp to encode streams of naturals. Source = νx. {next : Nat X, stop : 1} Sink = µx. {next : Nat X, stop : } We can define a process which generates a stream of zeros. In this example, we make no use of the coinvariant, and so assign it the type 1: Zeros y y : Source Zeros y = corec y z (z[].0, z().case y {next : y[x].(zero x y[].0); stop : y[].0}). Now we define a process which generates a stream of naturals. As in the corresponding µgv example, we use the coinvariant represent the next number in the stream. Nats y y : Source Nats y = cofix y z (Zero z, case y {next : y[x].(z x new w (Inc z,w w y)) stop : y[].0}) In the next case, we rely on contraction to copy the coinvariant z. We then send one copy along the channel y and increment the other giving w, which we use to re-establish the coinvariant. In the stop case, we rely on weakening for Nat to dispose of the coinvariant. The following receives the first three numbers from the stream of naturals and sends them on z; thus, z has type Nat (Nat Nat ). new y (Nats y rec y.y[next].y(a).rec y.y[next].y(b).rec y.y[next].y(c). rec y.y[stop].y().z[a].z[b].z c)

11 (λx.m ) = fork z.let (x, z) = receive z in link (M ) z (L M ) = send (M ) (L) (M, N ) = fork z.link (send (M ) z) (N ) (let (x, y) = M in N ) = let (x, y) = receive (M ) in (N ) (L : T U ) = serve z.link (L) z (L : T U ) = request (L) (receive M ) = (M ) (cofix f c x = M ) = cofix p c z = let f = λ c x.send x (send c (request p)) in let x = z in (M ) Fig. 6: Translation of µgv Terms to µgvπ 4 Relating µgv and µcp In our previous work (Lindley and Morris, 2014) we give translations between CP and HGV, an extension of GV, corresponding to µgv without recursive session types. In this section, we extend these translations to incorporate recursion. 4.1 Translation from µgv to µgvπ Following our previous work, we factor the translation of µgv into µcp through an intermediate translation. The language µgvπ is the restriction of µgv to session types; that is, µgv without,, or. In order to avoid, we permit receive M, only fused with a pair elimination let (x, y) = receive M in N. We can simulate all non-session types as session types via a translation from µgv to µgvπ. The translation on types is given by the homomorphic extension of the following equations: (T U ) =!(T ).(U ) (T U ) = (!(T ).(U ) ) (T U ) =?(T ).(U ) Each target type is the interface to the simulated source type. A linear function is simulated by input on a channel; its interface is output on the other end of the channel. An unlimited function is simulated by a server; its interface is the service on the other end of that channel. A tensor is simulated by output on a channel; its interface is input on the other end of that channel. This duality between implementation and interface explains the dualization of types in Wadler s original CPS translation from GV to CP. To translate away the arrows in the cofix rule, we adopt a simplified session-oriented variant of cofix for µgvπ: p : (!X.!T.end! ), c : G(X ), x : T M : end! Φ cofix p c x = M : (!νg.!t.end! ) This rule takes advantage of the translation of functions given by ( ), and simulates multiple arguments using. The translation on terms is given by the homomorphic extension of the equations in Fig. 6. Formally, this is a translation from derivations to terms. We write type annotations to indicate introduction and elimination. The only new case is that for corec. We collect the arguments into a tuple, and simulate the interface

12 Φ, x : end? N : S z = x(). Φ N : S z Φ, x : end? N [x/x ] : S z = new x ( Φ, x : end?, x : end? N : S z x [].0) x z = x z fork x.m z = new x (new y ( M y y[].0) x z) link M N z = z().new x ( M x N x) send M N z = new x (x[y].( M y x z) N x) let (x, y) = receive M in M z = new y ( M y y(x). N z) select l M z = new x ( M x x[l].x z) case M {l i x.n i} i z = new x ( M x case x {l i. N i z} i) request M z = new x ( M x?x[y].y z) serve y.m z =!z(y).new x ( M x x[].0) Φ M : G(µG) z = new y ( Φ M : µg y rec y.y z) cofix p c x = M z =!z(y).y(c).y(w).y().corec c x (x w, new p (!p(y).y(c).y(w).y().c w new y ( M y y[].0))) Φ M : µg z = new y ( Φ M : G(µG) y corec z x (y x, map G z,x (rec x.x z))) Φ M : G(νG) z = new y ( Φ M : νg y corec y x (y x, map G z,x (rec x.x z))) Φ M : νg = new y ( Φ M : G(νG) y rec z.y z) Fig. 7: Translation of µgvπ Terms into µcp to the arrows using session operations as in the rest of the ( ) translation. We use the obvious encodings for n-ary let binding, lambdas, and send. We write (Φ) for the pointwise extension of (T ). Theorem 2. If Φ M : T then (Φ) (M ) : (T ). 4.2 Translation from µgvπ to µcp We now give a translation from µgvπ to CP. Post composing this with the embedding of µgv in µgvπ yields a semantics for µgv. For uniformity, we assume the obvious encodings of n-ary,, and case in CP. The translation on session types is as follows:!t.s = T S?T.S = T S end! = 1 end? = {l i : S i} i = {l i : S i } i {l i : S i} i = {l i : S i } i S =? S S =! S X = X X = X νg = ν G µg = µ G X.S = X. S The translation is homomorphic except for output, where the argument type is dualized. This accounts for the discrepancy between!t.s =?T.S and (A B) = A B. The translation on terms (Fig. 7) is formally specified as a CPS translation on derivations as in Wadler s work. We abbreviate the derivation by its final judgement in the translations of weakening and contraction for end?, and for rolling and unrolling of recursive session types νg and µg, as these steps are implicit in the syntax of µgv terms, but explicit in µcp. The other

13 new x (P Q) = let x = fork x. P in Q x y = link x y x[y].(p Q) = let x = send (fork y. P ) x in Q x(y).p = let (y, x) = receive x in P x[].0 = x x().p = P x[l].p = let x = select l x in P case x {l i.p i} i = case x {l i. P i } i?s[x].p = let x = request s in P!s(x).P = link s (serve x. P ) rec x.p = P corec F c x (P, Q) = send c (send (fork x. P ) (request (cofix p c x = Q F,p,c,x ))) where Q F,p,c,x = let c = fork c. Q in map F c,c(?p[z].z[c].z[c ].z[].0) Fig. 8: Translation of µcp Terms into µgvπ constructs depend only on the immediate syntactic structure, so we abbreviate their translations as mappings on plain terms. The majority of translations are as in our previous work. The rolling and unrolling of fixed points in µgv can be translated to cuts against the µcp proofs of the corresponding equivalences. The translation of cofix is a corecursive process with coinvariant x in which p abstracts re-establishing the coinvariant at the end of each step. Theorem 3. If Φ M : T, then M z Φ, z : T. As we have already argued that µcp is deadlock and livelock free, and we now have that all µgv terms correspond to µcp derivations, we can also conclude that µgv is deadlock and livelock free. Note that the type environment Φ is not dual in the result of the translation. This reflects the different interpretations of types in µcp and µgv: a µgv type!t.s designates a channel that expects output, whereas the µcp type T S designates a process that performs output. 4.3 Translating from µcp to µgvπ We now present the translation from µcp to µgvπ. On types: A B =! A. B A B =? A. B 1 = end! = end? +{l i : A i} i = +{l i : A i } i {l i : A i} i = {l i : A i } i?a = A!A = A X = X X = X νf = ν F µf = µ F X.A = X. A The translation on terms makes use of let expressions to simplify the presentation; these are expanded to µgvπ as follows: let x = M in N ((λx.n )M ) = send M (fork z.let (x, z) = receive z in link N z) The translation is given in Fig. 8. The interesting cases are for rec and corec. The translation of rec x.p relies on exactly one use of the rule that unrolls

14 µf to F (µf ) applied to the variable x. The translation of corec simulates the expansion of Q, using p to re-establish the coinvariant after each expansion, and thus depends on the translation of functoriality from µcp to µgv. Theorem 4. If P Γ, then Γ P : end!. As the semantics of µgv is defined by translation to µcp, the following soundness theorem tells us that µgv and µcp are equally expressive. Theorem 5. If P Γ then new z (z[].0 P z) = P. Remark. The admissibility of the final three rules of Fig. 1 follows from Theorem 5, as neither nor uses any of these rules. 5 Related Work Session types were originally introduced by Honda (1993), and were further extended by Takeuchi et al. (1994), Honda et al. (1998), and Yoshida and Vasconcelos (2007). The systems of Honda et al. (1998) and Yoshida and Vasconcelos (2007) include recursive session types. They do not distinguish between recursion and corecursion, and do not exhibit deadlock freedom. Bono and Padovani (2012) and Bernardi and Hennessy (2013) independently observed that duality in those systems was not preserved under unrolling of recursive types; Bernardi et al. (2014) studies the role of duality in session types, including those with recursion. This work adopts a different solution from ours, however, and we hope to investigate the consequences of these different approaches in future work. Caires and Pfenning (2010) showed the first complete propositions-as-types correspondence between intuitionistic linear logic (ILL) and session types. Their work shows both an interpretation of session types as ILL propositions, and a computational interpretation of ILL proofs as π-calculus processes. As a result, they are able to show that well-typed processes are free of races, deadlock, and livelock, by analogy with corresponding cut-elimination results for ILL. Toninho et al. (2013) demonstrate an embedding of their calculus within a functional language; the resulting system admits unrestricted recursion in the functional setting, and can thus provide recursive communication behavior, but does not guarantee that the evaluation of function terms terminates. Girard (1987) speculated that linear logic would be well-suited to reasoning about concurrency. Abramsky (1994) and Bellin and Scott (1994) explored the interpretation of linear logic proofs as concurrent programs. Kobayashi et al. (1996) introduced the use of linear typing to the π-calculus, and demonstrated a form of linear channels similar in usage to session-typed channels; Dardha et al. s (2012) extensions to this work include full session types. 6 Conclusion and Future Work We have demonstrated a propositions-as-types correspondence linking recursive session types and fixed points in linear logic. Unlike previous work on recursive

15 session types, our presentation distinguishes between recursive and corecursive processes. As a consequence of cut elimination in linear logic, all well-typed processes are free of races, deadlock, and livelock. We identify several areas of future work. We would like to give an asynchronous semantics to µgv, following the original presentation of LAST by Gay and Vasconcelos (2010), and show that it is equivalent to the synchronous semantics provided by cut elimination in µcp. We would like to extend µgv with recursive and corecursive types in general, and investigate whether we can extend the ( ) translation to simulate these types as recursive and corecursive session types. We would like to explore further extensions of µcp and their consequences for µgv, including: the addition of second-order polymorphism, as studied by Wadler (2012) for CP and Lindley and Morris (2014) for GV; the addition of the MIX 0 and MIX 2 rules, providing additional notions of parallel composition and unifying the types end! and end? ; and identify natural extensions of CP that give rise to non-determinism, and thus allow programs to exhibit more interesting concurrent behavior, while preserving the underlying connection to linear logic. References S. Abramsky. Proofs as processes. In Selected Papers of the Conference on Meeting on the Mathematical Foundations of Programming Semantics, Part I : Linear Logic: Linear Logic, MFPS 92, pages 5 9, Oxford, United Kingdom, Elsevier. D. Baelde. Least and greatest fixed points in linear logic. ACM Trans. Comput. Logic, 13(1): 2:1 2:44, Jan ISSN G. Bellin and P. J. Scott. On the π-calculus and linear logic. Theoretical Computer Science, 135 (1):11 65, G. Bernardi and M. Hennessy. Using higher-order contracts to model session types. CoRR, abs/ , G. Bernardi, O. Dardha, S. J. Gay, and D. Kouzapas. On duality relations for session types, Draft. V. Bono and L. Padovani. Typing copyless message passing. Logical Methods in Computer Science, 8(1), L. Caires and F. Pfenning. Session types as intuitionistic linear propositions. In International Conference on Concurrency Theory, CONCUR 10, pages , O. Dardha, E. Giachino, and D. Sangiorgi. Session types revisited. In PPDP, pages , R. Demangeon and K. Honda. Full abstraction in a subtyped π-calculus with linear types. In CONCUR, pages , S. J. Gay and V. T. Vasconcelos. Linear type theory for asynchronous session types. Journal of Functional Programming, 20(01):19 50, J.-Y. Girard. Linear logic. Theoretical Computer Science, 50(1):1 101, Jan K. Honda. Types for dyadic interaction. In CONCUR, pages , K. Honda, V. T. Vasconcelos, and M. Kubo. Language primitives and type discipline for structured communication-based programming. In ESOP, pages , N. Kobayashi, B. C. Pierce, and D. N. Turner. Linearity and the pi-calculus. In POPL, pages , S. Lindley and G. Morris. Sessions as propositions. In PLACES, K. Takeuchi, K. Honda, and M. Kubo. An interaction-based language and its typing system. In PARLE, pages , B. Toninho, L. Caires, and F. Pfenning. Higher-order processes, functions, and sessions: A monadic integration. In Proceedings of the 22nd European Conference on Programming Languages and Systems, ESOP 13, pages , Rome, Italy, Springer-Verlag. ISBN B. Toninho, L. Caires, and F. Pfenning. Corecursion in session-typed processes, Draft. P. Wadler. Propositions as sessions. In Proceedings of the 17th ACM SIGPLAN International Conference on Functional Programming, ICFP 12, pages ACM, N. Yoshida and V. T. Vasconcelos. Language primitives and type discipline for structured communication-based programming revisited: Two systems for higher-order session communication. Electr. Notes Theor. Comput. Sci., 171(4):73 93, 2007.